Olivia
Online
CERT/CC
@certcc
CERT Coordination Center at the Carnegie Mellon University Software Engineering Institute.
Pittsburgh, PA, USA
Joined March 2009
0 Following
3.5K Followers
103 Posts
You all know by now about the #log4j CVE-2021-44228 that affects lots of Java applications, right?
No? Well that extra sleep must be nice!
We've published a vulnerability note with details: https://t.co/tMcFgcI0bL
We link to PowerShell and Python3 scanners to find jar files too.
We have been communicating our findings to and collaborating with Pulse Secure. They have published more details about the Integrity Checker Tool (ICT) here:
https://t.co/Pak8al6oVe
It is important to realize that the Pulse Secure Integrity Checker Tool (ICT) and the PCS factory reset functionality can both be subverted by an attacker on a compromised PCS device. If we can do this, assume that attackers can do this as well.
🤔
Since the Pulse Connect Secure ICT has been public since March, it would be wise to assume that attackers have worked around it by now.
Yes, run the ICT if you haven't already by now.
No, a clean ICT report doesn't necessarily mean you're fine.
If you have a Pulse Connect Secure system and did not immediately apply the instantaneous XML workaround published on April 20, assume compromise until you can prove otherwise.
Run the PCS Integrity Assurance package as soon as possible (requires reboot).
https://t.co/J4vIdQm3TP
@cscart We have a vulnerability report that we would like to share with you. How would you like to receive vulnerability reports?
This is not a drill - patch your Exchange Servers ASAP
We're seeing active exploitation by #HAFNIUM
https://t.co/6q7KdPlKxg
We've published vulnerability note VU#490028 about Zerologon / CVE-2020-1472. Windows Domain controllers without the August update from Microsoft are vulnerable to complete domain takeover by an unauthenticated attacker. Samba DCs < 4.8 affected by default
https://t.co/L5Mf91XmrH
Citrix vulnerabilities in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP. Impacts include system compromise by an unauthenticated user on the management network.
https://t.co/c7Ghne8Frv
Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use. Foreign APTs will likely attempt exploit soon. We appreciate @PaloAltoNtwks’ proactive response to this vulnerability.
https://t.co/WwJdil5X0F
Microsoft has released ADV200006 about an 0day vulnerability being exploited in the wild in Microsoft Windows Adobe Type Manager Type 1 font parsing.
There are almost as many workarounds provided as there are attack vectors!
https://t.co/CNu5iV2Pc2
Microsoft has released updates for this issue:
https://t.co/YJO9L8U0ME
Disable SMB compression and block SMB both inbound AND outbound to help prevent exploitation of an unpatched "wormable" vulnerability in Microsoft Windows SMBv3.
https://t.co/Q9Go1MdC6Y
ADV200005 CVE-2020-0796 VU#872016
VU#338824
Microsoft Internet Explorer is being actively exploited in the wild using a new unpatched vulnerability in the Scripting Engine. Disable access to JScript.dll as a workaround.
https://t.co/IqrpfrHh89
If you use "Disable all macros without notification" in Microsoft Office for Mac, you may be in for an unpleasant surprise.
XLM macros in SYLK (.SLK) content will run without any prompting. This allows for arbitrary code execution without any clicks.
https://t.co/AmkqAvOoy0
Any device that has a software stack associated with it may become unsafe when it has outlived its support life span.
It's Time to Retire Your Unsupported Things
https://t.co/KhzZmqClXs
CVE Celebrates 20 Years!
https://t.co/gqCHCv6gR7!
#cve #cveentries #cveids #cna #vulnerabilities #cybersecurity
@todb Indeed. But guess what happens to a narrowly-targeted attack that suddenly has a patch available?
It's important to note that these updates are NOT currently being deployed via Windows Update or Microsoft Update. Despite being actively exploited in the wild, manual actions must be taken to receive the fixes.
Out of band security vulnerability fixes CVE-2019-1367 and CVE-2019-1255 have been released today. For more information please see https://t.co/QMUM53m8so and https://t.co/vy3d0wXWng .
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.4M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers